Skip to main content

How DNS Work ? What is Root, Authoritative andRecursive DNS servers ?


 


This article is only for Beginners – A basic guide

What is DNS?

Being a human we can not memorize billions of IP addresses (ex: 125.98.200.85). So, to make it simple DNS was introduced. DNS converts a name (ex:piratesshield.com) to a number (104.21.2.85).

DNS has a big computerized register to maintain DNS records for each server.

The Domain name service work on port 53/UDP. The latest technologies DNS over HTTPS (DOH) work on port443/TCP and DNS over TLS (DOT) works on port 853/TCP

There are four types of DNS available on the Earth,

  1. Root Server
  2. Top Level Domain (TLD) server
  3.  Authoritative  DNS
  4. Recursive DNS

 Authoritative Vs Recursive

Which Domain Name server, I am storing and maintaining my own and original DNS record for my website is called the Authoritative Name server.

The Recursive DNS Server, Which doses not aware of my website DNS record, Sends DNS queries and cached them for some time.

Recursive server configures with 13 Root servers to find the right authoritative server.


Root Server

In Globe, there are 13 Root servers available each one maintained by a US-based organization.

The Root server also has a DNS, which can answer the queries directly which is stored or cached inside the Root Zone.

For unknown queries which will refer to the TLD server to find the correct Authoritative server.

TLD Server



As per the above picture, the first part (com) of the website address is called Top Level Domain (TLD).

The TLD server contains all authoritative server records for each TLD (.com,.net, .in ) in different server spaces.

DNS FLOW FROM A COMPUTER

  1. User asks the browser to connect “www.piratesshield.com”, The browser immediately looks for the local “Host File” located in C:\Windows\System32\drivers\etc. If the DNS record is not available for the requested URL, the PC ask the DNS server (configured inside the PC’s adapter setting) to provide the IP address of website.
  2. If the DNS server does not know the IP address for the websie , its a Recursive Server. So, it will query the available Root Server to find the DNS record.
  3. The Root-Server provide TLD server address which stores the record of www.piratesshield.com.
  4. The Recursive sent query to TLD to provide Authoritative Server detail.
  5. The TLD response with the Authoritative DNS servers details where original records are stored.
  6. The Recursive server request the Authoritative DNS Server to provide the DNS record for www.piratesshield.com
  7. The IP address of URL www.piratesshield.com responded back (ref. image)
  8. Now the recursive server cache the DNS record and respond to browser with IP address of www.piratesshield.com

Then the PC will starts to do TCP handshake with destination webserver , then do TLS handshake – Send HTTP request ,Finally user will get full webpage on browser along with HTTP response.

Comments

Post a Comment

Popular posts from this blog

KARMA - Search for leaked Emails and Passwords

Hi Everyone, In this article we going to introduce the tool is KARMA.Its used to collect pwned Email address and passwords from pwndb. The tool is written in python3. So, you must need Python3 inside your machine . INSTALL sudo apt install tor python3 python3-pip git clone https :// github . com / decoxviii / karma . git ; cd karma sudo -H pip3 install -r requirements.txt python3 bin/karma.py --help TEST All the tests were done in  Debian/Ubuntu . Search emails with the password:  123456789 python3 bin/karma.py search '123456789' --password -o test1 Search emails with the local-part:  johndoe python3 bin/karma.py search 'johndoe' --local-part -o test2 Search emails with the domain:  hotmail . com python3 bin/karma.py search ' hotmail . com ' --domain -o test3 Search email password:  johndoe@unknown.com python3 bin/karma.py target 'johndoe@unknown.com' -o test4 DEMO VIDEO
Post a Comment
Read more